US9516012B2 - Method and server of electronic safes with information sharing - Google Patents

Method and server of electronic safes with information sharing

Info

Publication number
US9516012B2
Authority: US (United States)
Prior art keywords: user, safe, electronic, access, authentication
Legal status: Expired - Fee Related
Application number: US12/332,152
Other versions: US20090206988A1 (en)
Inventors: Michaël Chochois, Guillaume Jadeau
Current assignee: Almerys
Original assignee: Almerys

Legal events
Application filed by Almerys.
Assigned to ALMERYS: assignment of assignors' interest (see document for details). Assignors: CHOCHOIS, MICHAEL; JADEAU, GUILLAUME.
Publication of US20090206988A1.
Assigned to ALMERYS: change of assignee address, from 49, rue Georges Besse to 46, rue du Ressort; assignment recorded April 24, 2009 at reel/frame 022611/0540. Assignor: ALMERYS.
Application granted.
Publication of US9516012B2.
Current legal status: Expired - Fee Related (adjusted expiration).

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L 63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F 21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F 21/6272 Protecting access to data via a platform, to a system of files or objects, by registering files or documents with a third party

Definitions

  • FIG. 1 in particular depicts the terminal T used by an individual called UFA, who is an employee of the company Ent1.
  • The terminal T is for example a PC, provided with a display screen and a keyboard. It is also equipped with an interface for reading and writing to the smart card, which will be called below a smart card reader L.
  • The creation of an electronic safe comprises a phase of reservation by the company Ent1 of the electronic safe CF1A in the name UFA of the user, followed by a phase of activation of the electronic safe CF1A by the employee UFA.
  • The company Ent1 has issued the employee with a hardware security module, in the present case for example a smart card RC1A, in the colours of the company Ent1 (comprising for example its logo and name).
  • This smart card RC1A is used, in the activation phase, to activate the safe CF1A and configure the smart card. It is used in the phases of using the safe to access the safe CF1A, and then consult it, and modify, delete and/or store electronic data therein.
  • The user UFA thus connects from the terminal T to the server S by means of the network R and indicates his wish to activate an electronic safe.
  • The activation phase, carried out by means of the terminal T and the server S, comprises a first step according to which the user is asked to give his name and also indicate whether or not he already possesses an electronic safe. In the present case, the user answers no to the question.
  • The activation phase then continues with insertion by the user UFA of the smart card RC1A into the smart card reader L.
  • The following are transmitted by the server S, and then loaded into the smart card RC1A: an authentication certificate CAUT1A and an associated pair of keys (a public key and a private key), a signature certificate CSIGA and an associated pair of keys, and an encryption certificate CCHHA and the associated pair of keys.
  • These certificates and the associated keys, dedicated to the user UFA for accessing and using the safe CF1A and transmitted by the server S to the smart card RC1A, come from at least one registration and certification authority acting as trusted third party.
  • The server S itself is this trusted third party.
  • The server S comprises a list, in its database B, making it possible to establish the correspondences between each electronic safe, the name of its user and each of the certificates CAUT1A, CSIGA, CCHHA and associated keys.
  • The empty safe CF1A is then activated.
  • The user UFA now has the possibility of writing, reading and/or deleting data in storage folders provided by the electronic safe CF1A, in particular a folder intended to store personal data.
  • The personal details (name, address, telephone numbers, date of birth, etc.) of the user UFA and other personal data are then supplied to the server S from the terminal T by the user UFA, and then recorded in the personal data folder of the safe CF1A.
  • These personal details and personal data “Pers” supplied by the user are encrypted and signed by the terminal T using the respective encryption and signature keys stored in the smart card RC1A and associated with the encryption certificate CCHHA and the signature certificate CSIGA. They are next transmitted to the server S, and then stored in this form in the personal data folder of the safe CF1A.
  • The user UFA is offered a second electronic safe CF2A by another company (his bank or insurance company) or administration Ent2, which therefore reserves an electronic safe CF2A in the name UFA of the user and issues the user UFA with a security module, in the present case for example a smart card RC2A.
  • Steps of the phase of activation of the electronic safe CF2A are depicted in FIG. 2.
  • The user UFA connects by means of the terminal T to the server S via the network R. There then follows a phase of dialogue via the network R between the server S and the user by means of the terminal T.
  • The user UFA indicates his wish to activate an electronic safe, and then enters his name. When he is asked to indicate whether he already possesses an electronic safe, the user UFA this time replies yes.
  • In a step 2a, the server S then requests that the user UFA insert the smart card associated with the electronic safe already held by the user, with a view to carrying out a step of authentication of the user with the server S on the basis of an item associated with the safe already held by the user.
  • This authentication is of the strong authentication type: it makes it possible to verify the identity of the user on the basis of at least two factors from amongst what he knows (password, PIN code), what he possesses (smart card, USB medium), and what he is (biometric parameter such as a fingerprint, hand, face, etc.).
  • The user UFA inserts the smart card RC1A into the smart card reader L.
  • The server S chooses an unknown (comprising a random number and possible related information), encrypts the unknown using the public key associated with the authentication certificate CAUT1A of the user UFA and transmits it to the terminal T, requesting that the random number, increased by 1, be returned to it signed by the smart card (for example by means of an applet housed in the smart card) using the signature used for storing data in the electronic safe CF1A.
  • The random number received by the terminal T is then decrypted by means of the private key of the authentication certificate CAUT1A, then increased by 1 and signed by means of the private signature key associated with the signature certificate CSIGA. These private keys are both stored in the smart card RC1A.
  • The terminal T transmits the random number thus decrypted and then signed to the server S.
  • Using this random number increased by 1 and signed, and according to the list in the database B providing the correspondences between the electronic safes, the authentication certificates and associated keys, and the names of the users, the server S carries out authentication of the user UFA and also identifies the safe CF1A corresponding to the signature supplied. In the event of successful authentication, the method continues to step 2b.
  • The aim of the authentication step is to make sure that only the user UFA owning the first safe is in a position to reply in a suitable manner.
  • In the event of successful authentication, the following step 2b is carried out.
  • If the authentication fails, establishment of a link between the two safes does not take place and they remain compartmentalised: no access means allowing the user to access via the second safe CF2A at least some of the content of the first safe CF1A is activated or implemented.
  • In step 2b, the server S implements access means designed to allow the user to access via the second safe CF2A at least some of the content of the first safe CF1A.
  • Different implementation variants are possible.
  • In a first variant, the server S copies the content “Pers” from the personal data folder of the electronic safe CF1A into the personal data folder of the electronic safe CF2A. All or some of these personal data are copied.
  • In a second variant, a computer processing module of the server S establishes a logical connection between the two safes CF1A and CF2A, which then share, wholly or partially, the content “Pers” of the personal data folder.
  • Several processing procedures are conceivable for establishing this logical connection. This second variant avoids any unnecessary duplication of data.
  • The activation phase then continues with a message from the server S addressed to the user UFA requesting insertion of the smart card of the safe to be activated into the smart card reader.
  • The user UFA therefore replaces the smart card RC1A with the smart card RC2A in the smart card reader L.
  • An authentication certificate CAUT2A and an associated pair of keys (a public key and a private key), the signature certificate CSIGA and the associated pair of keys, and the encryption certificate CCHHA and the associated pair of keys are next transmitted by the server S, and then loaded into the smart card RC2A.
  • The user UFA can then carry out storage of electronic data in the electronic safe CF2A.
  • The server S carries out strong authentication of the user using his signature. In one embodiment, authentication is carried out using the authentication key associated with the authentication certificate CAUT1A.
  • In step 2a, strong authentication is carried out in particular using a hardware medium (here a smart card) held by the user.
  • Alternatively, it is carried out using a biometric item (for example a fingerprint) of the user used for accessing the safe CF1A already opened or for signing the data to be stored in this safe, said user presenting a given finger to a reader connected to the terminal for comparison of the print thus captured with a print recorded in a database associated with the server, with a view to authenticating the user.
  • Compartmentalisation between the safes CF1A and CF2A is guaranteed through the use of distinct authentication certificates, each serving to unlock the access to one of these safes.
  • The signature and encryption certificates and keys associated with the two safes CF1A and CF2A are identical.
  • The signed and/or encrypted data contained in these safes are thus directly usable by both smart cards of the user.
  • In a variant, the signature and encryption certificates and keys associated with the two safes CF1A and CF2A are chosen to be different by the server, which has the effect in particular of increasing the compartmentalisation between the two safes.
  • In another variant, in at least one of the smart cards there is no storage of signature and/or encryption keys, that is to say the data stored in the electronic safe associated with this smart card are not encrypted and/or not signed.
  • In a further variant, a hardware security module such as a smart card or a USB medium provided with a crypto-processor is replaced by a software security module such as a USB key or software files.
  • In another embodiment, establishment of a link between two electronic safes is performed a posteriori, that is to say even though the two safes have already been created independently.
  • In this case, the user is asked to insert successively, with a view to establishment of a link between two safes, the two smart cards associated with these two respective safes, and he is authenticated strongly using these two media, for example using his authentication certificates CAUT1A, CAUT2A and/or signature certificates CSIG1A, CSIG2A.
  • A link can then be established between the two safes, using logical connections between these two safes in the storage database B, according to two embodiments.
  • In the first embodiment, all the encryption and/or signature certificates and the associated pairs of keys are shared between the smart cards RC1A and RC2A by performing an update of the content of the smart cards. Only the authentication certificates remain specific to each smart card, namely the certificate CAUT1A for the smart card RC1A and the certificate CAUT2A for the smart card RC2A. In this case, all the personal information is accessible and modifiable irrespective of the authentication medium used.
  • The use of encryption and/or signature certificates during exchanges of data between the user and the server S is then supervised by the server S according to the information storage areas.
  • In the second embodiment, no modification of the content of the smart cards is carried out, and the certificates and pairs of keys installed on one of the smart cards are completely distinct from the certificates and pairs of keys installed on the other smart card.
  • In this case, the data in the safe CF1A are accessible for reading/writing when the user uses his smart card RC1A and for reading only when the user uses his smart card RC2A.
  • Likewise, the data in the safe CF2A are accessible for reading/writing when the user uses his smart card RC2A and for reading only when the user uses his smart card RC1A.
  • The present invention thus makes it possible to make a connection between different safes belonging to the same user, whilst safeguarding the high level of security required. It consists of allowing access to the same set of data via any one of the connected safes.
  • This connection is performed on the condition of authentication of the user owning the safes to be connected.
  • This authentication is performed by means of authentication data, these data being for example data giving access to a safe already held by the user, or data giving access to the content of this safe (decryption), or any other authentication data making it possible to authenticate this user as the user owning the safes to be connected.
  • These authentication data are obtained for example by means of a cryptographic resource: the smart card RC1A or, in other embodiments, a USB medium provided with a crypto-processor to be inserted in a port, or else a biometric print to be validated.
  • This establishment of a link makes it possible in particular to supply a new safe with the personal data recorded in the safe protected by the cryptographic resource inserted. These personal data are thus mutualised and do not require a new entry on the part of the user.
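A worked model of the authentication step 2a described above (the server's encrypted random number, the card's reply increased by 1 and signed, and the server's lookup in the correspondence list of database B) together with the logical-connection variant of step 2b, added here as an example; it is not code from the patent or from Almerys. The type and function names, the 8-byte encoding of the random number, RSA-OAEP for the challenge, PKCS#1 v1.5 for the signature, and the sample personal data are all assumptions of this example, not details the patent gives.

```go
package main
// Added example, not code from the patent: step 2a (challenge-response between
// server S and smart card RC1A) and the "logical connection" variant of step 2b.
// Names, the 8-byte nonce encoding, RSA-OAEP and PKCS#1 v1.5 are assumptions.

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

type (
	Card       struct{ authKey, sigKey *rsa.PrivateKey }                    // RC1A: private keys of CAUT1A and CSIGA
	Safe       struct{ Owner string; Pers map[string]string }               // Pers: personal data folder, shareable by reference
	SafeRecord struct{ Name, Owner string; AuthPub, SigPub *rsa.PublicKey } // one line of the correspondence list in database B
	Server     struct{ records []SafeRecord; safes map[string]*Safe }
	Challenge  struct{ nonce uint64; Ciphertext []byte }                   // nonce stays on S; only the ciphertext goes to T
)

// NewChallenge: S draws a random number and encrypts it with the public key of
// the authentication certificate of the safe the user claims to hold.
func (s *Server) NewChallenge(authPub *rsa.PublicKey) (*Challenge, error) {
	var b [8]byte
	if _, err := rand.Read(b[:]); err != nil {
		return nil, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, authPub, b[:], nil)
	return &Challenge{nonce: binary.BigEndian.Uint64(b[:]), Ciphertext: ct}, err
}

// Respond is the card applet: decrypt with the private authentication key,
// add 1, and sign the result with the private signature key.
func (c *Card) Respond(ct []byte) (uint64, []byte, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, c.authKey, ct, nil)
	if err != nil || len(pt) != 8 {
		return 0, nil, errors.New("challenge cannot be decrypted by this card")
	}
	reply := binary.BigEndian.Uint64(pt) + 1
	h := sha256.Sum256(binary.BigEndian.AppendUint64(nil, reply))
	sig, err := rsa.SignPKCS1v15(rand.Reader, c.sigKey, crypto.SHA256, h[:])
	return reply, sig, err
}

// Verify: the reply must equal nonce+1 and the signature must verify under a
// registered signature public key; the matching record identifies the safe.
func (s *Server) Verify(ch *Challenge, reply uint64, sig []byte) (*SafeRecord, error) {
	if reply != ch.nonce+1 {
		return nil, errors.New("reply does not match the challenge")
	}
	h := sha256.Sum256(binary.BigEndian.AppendUint64(nil, reply))
	for i := range s.records {
		if rsa.VerifyPKCS1v15(s.records[i].SigPub, crypto.SHA256, h[:], sig) == nil {
			return &s.records[i], nil
		}
	}
	return nil, errors.New("signature matches no registered safe")
}

// Link is the second variant of step 2b, run only after a successful Verify:
// the new safe's personal data folder becomes a reference to the folder of
// the authenticated safe, so "Pers" is shared rather than copied.
func (s *Server) Link(rec *SafeRecord, newSafe string) error {
	first, second := s.safes[rec.Name], s.safes[newSafe]
	if first == nil || second == nil || second.Owner != rec.Owner {
		return errors.New("second safe missing or not reserved for the same user")
	}
	second.Pers = first.Pers
	return nil
}

// Setup is a constructed scenario: UFA activated CF1A with card RC1A and stored
// personal data there; Ent2 has reserved the still-empty CF2A in the same name.
func Setup() (*Server, *Card) {
	authKey, _ := rsa.GenerateKey(rand.Reader, 2048) // errors ignored in this demo
	sigKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	srv := &Server{
		records: []SafeRecord{{"CF1A", "UFA", &authKey.PublicKey, &sigKey.PublicKey}},
		safes: map[string]*Safe{
			"CF1A": {Owner: "UFA", Pers: map[string]string{"name": "UFA", "town": "sample"}},
			"CF2A": {Owner: "UFA", Pers: map[string]string{}},
		},
	}
	return srv, &Card{authKey, sigKey}
}

func main() {
	srv, card := Setup()
	ch, _ := srv.NewChallenge(srv.records[0].AuthPub) // S -> T
	reply, sig, _ := card.Respond(ch.Ciphertext)      // card, via T -> S
	rec, err := srv.Verify(ch, reply, sig)
	if err == nil { err = srv.Link(rec, "CF2A") }
	fmt.Println(err, srv.safes["CF2A"].Pers) // <nil> map[name:UFA town:sample]
}
```

Two points the text leaves implicit are made explicit here: the random number never leaves the server in clear, so the check is on the server's own copy plus one, and the server refuses to link unless the second safe was reserved in the same name as the safe just proved. A card with the wrong authentication key cannot even decrypt the challenge, and a card with an unregistered signature key fails the lookup in the list; both outcomes leave the safes compartmentalised, as the page requires.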

Abstract

A method of managing electronic safes implemented by a server on behalf of at least one user possessing at least a first electronic safe, said method comprising a step of implementing access means designed to provide said user with access, via a second safe belonging to said user, to a set of data forming part of a content accessible via the first electronic safe, said implementation step being intended to be carried out in the event of authentication of said user as the user owning the first electronic safe.

Description

CROSS REFERENCE TO RELATED APPLICATION
This application claims the benefit of the French Patent Application No. FR 07 59696, filed on Dec. 10, 2007, which is hereby incorporated by reference as if fully set forth herein.
FIELD OF INVENTION
The present invention concerns the field of electronic safes.
BACKGROUND OF THE INVENTION
Electronic safes correspond to storage spaces, with secure access, for electronic data. They offer administrations, companies and private individuals a solution for storing, in electronic form, various content, for example pay slips, bank statements, insurance policies, photographs, etc. (see, for example, the website www.e-coffrefort.fr).
Such electronic safes are generally created, and then managed, by means of a server belonging to a trusted third party and accessible from a large number of terminals (computers, mobile telephones, with WAP or Internet connection, etc.) by the users of the electronic safes.
The electronic safe generally comprises electronic directories, called folders. When a company or an administration opens a safe for a user, it provides him with a security module, for example hardware (smart card, USB medium provided with a crypto-processor (called in particular a USB “token” or “dongle”), etc.), having means of storing in particular access data. When the user wishes to access the electronic safe, a step of authenticating the user is carried out by the server by means of the security module and a terminal adapted to communicate with the server.
The authentication step generally comprises reading the access data from the security module in order to authenticate the holder and to authorise or refuse access to an electronic safe.
Amongst the folders contained in an electronic safe, one folder is generally dedicated to the storage of personal data of the user: address and telephone number, marital status, and more generally any other personal electronic item or file he wishes to archive securely.
A user may have the benefit of several electronic safes: a safe offered by his employer, another by his bank and/or insurance company, an administration, etc.
Each time an electronic safe is created, the user therefore has a new folder dedicated to his personal data.
For example, a company E1 offers an electronic safe cf1 to one of its employees. The electronic safe is opened in the name of this employee, and the personal details of the employee are recorded in the folder “personal data”.
For accessing this safe, the company has issued the employee with a smart card (or a USB medium provided with a crypto-processor) comprising the logo and name of the company, etc.
Subsequently, the employee is offered a second electronic safe cf2 by another company (his bank or insurance company) or administration E2. This second safe is also opened with the name of the employee.
At that moment, no connection exists between the two safes via the server which manages them independently of each other. The probability of the existence of a homonym, the confidential nature of the data recorded in these safes (personal data, medical data, pay slips, bank details, etc.), and the risk connected with a fraud, preclude the establishment of a link between these two safes on usual criteria such as name and personal details.
The inventors thus noted a requirement to be able to establish a link between electronic safes allocated to the same user, possibly by means of different companies or administrations, without introducing any breach in keeping the information secure.
SUMMARY OF THE INVENTION
According to a first aspect, the invention proposes a method of managing electronic safes implemented by a server on behalf of at least one user possessing at least a first electronic safe.
This method comprises a step of implementing access means designed to provide said user with access, via a second safe belonging to said user, to a set of data forming part of a content accessible via the first electronic safe, said implementation step being intended to be carried out in the event of authentication of said user as the user owning the first electronic safe.
The establishment of a link between safes makes it possible to share, between different electronic safes held by the same user, the same set of data, that is to say to allow access to this same set of data via two or more safes. The shared data are for example personal data which the user wishes to be able to access as a matter of course, at each request for access to any one of his safes.
In a variant embodiment, the implementation step is carried out following receipt by the server of a request for creation for said user of the second electronic safe. Data mutualisation is therefore performed as soon as possible. In another variant, this step is carried out following a request for access to a second electronic safe already created.
In one embodiment, the method comprises a step of authenticating said user by means of user authentication data used for authenticating said user in the event of a request for access to the first safe.
The authentication data provided are for example an electronic signature of the user indicating a secret signature key or authentication items of the user indicating a secret authentication key.
Such a method thus makes it possible to be able to establish, while limiting the risk of fraud and weakening of the security of the electronic safes, a connection between electronic safes held by the same user and to mutualise between these safes, or at least certain of them, data stored in at least one of them.
In one embodiment, the authentication step comprises implementation of strong authentication, using for example at least one key stored in a hardware medium held by the user such as a smart card or a USB medium provided with a crypto-processor, or else according to a biometric print. This measure further limits the risk of fraud and weakening of the security of the electronic safes.
In one embodiment, the method according to the invention comprises a step of allocating to each electronic safe created at least one respective security function from amongst an encryption function and/or a decryption function and/or a signature function. At least one security function allocated to the new safe is chosen equal to a security function allocated to the first safe. This allows the user to make use in the same way of the data stored in the two safes.
In one embodiment, access to a safe is a function of authentication items of the user, allocated to the user by the server. The authentication items for access to the new safe are chosen different from those chosen for access to the first safe. This allows compartmentalising of the two safes.
According to a second aspect, the invention proposes a computer program comprising instructions for implementing the steps of a method according to the first aspect of the invention, during execution of the program on a computer.
According to a third aspect, the invention proposes a server for managing electronic safes on behalf of at least one user possessing at least a first electronic safe, the server comprising access means designed to provide said user with access, via a second safe belonging to said user, to a set of data forming part of a content accessible via the first electronic safe, the access means being intended to be activated in the event of authentication of said user as the user owning the first electronic safe.
Other characteristics and advantages of the invention will emerge further from a reading of the following description. This is purely illustrative and must be read with reference to the accompanying drawing in which:
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 depicts a system according to an embodiment of the invention.
FIG. 2 depicts a method according to an embodiment of the invention.
DESCRIPTION OF PREFERRED EMBODIMENTS
FIG. 1 depicts a system 1 comprising a server S connected, via a communication network R, to a plurality of terminals.
The server S comprises a storage database B used in particular for storing the content of electronic safes and data necessary for managing these safes. The server S is adapted to offer users services relating to the use of electronic safes, by means of the terminals and the network R.
Amongst the terminals making it possible to access electronic safes are for example personal computers (“PCs”), mobile telephones, personal digital assistants, etc.
FIG. 1 in particular depicts the terminal T used by an individual called UFA, who is an employee of the company Ent1. The terminal T is for example a PC, provided with a display screen and a keyboard. It is also equipped with an interface for reading from and writing to a smart card, which will be called below a smart card reader L.
Let it be considered that the company Ent1 offers an electronic safe CF1A to its employee UFA. The creation of an electronic safe comprises a phase of reservation by the company Ent1 of the electronic safe CF1A in the name UFA of the user, followed by a phase of activation of the electronic safe CF1A by the employee UFA.
The company Ent1 has issued the employee with a hardware security module, in the present case for example a smart card RC1A, in the colours of the company Ent1 (comprising for example its logo and name).
This smart card RC1A is used, in the activation phase, to activate the safe CF1A and configure the smart card. It is used in the phases of using the safe to access the safe CF1A, and then consult it, and modify, delete and/or store electronic data therein.
The user UFA thus connects from the terminal T to the server S by means of the network R and indicates his wish to activate an electronic safe. The activation phase, carried out by means of the terminal T and the server S, comprises a first step according to which the user is asked to give his name and also indicate whether or not he already possesses an electronic safe. In the present case, the user answers no to the question. The activation phase then continues with insertion by the user UFA of the smart card RC1A into the smart card reader L.
During the phase of activation of the electronic safe CF1A by the user UFA, the following are transmitted by the server S, and then loaded into the smart card RC1A: an authentication certificate CAUT1A and an associated pair of keys (a public key and a private key), a signature certificate CSIGA and an associated pair of keys, and an encryption certificate CCHHA and the associated pair of keys.
These certificates and the associated keys dedicated to the user UFA, for accessing and using the safe CF1A and transmitted by the server S to the smart card RC1A, come from at least one registration and certification authority acting as trusted third party. In one embodiment, the server S itself is this trusted third party.
The server S comprises a list, in its database B, making it possible to establish the correspondences between each electronic safe, the name of its user and each of the certificates CAUT1A, CSIGA, CCHHA and associated keys.
The empty safe CF1A is then activated.
The user UFA now has the possibility of writing, reading and/or deleting data in storage folders provided by the electronic safe CF1A, in particular a folder intended to store personal data.
The personal details (name, address, telephone numbers, date of birth, etc.) of the user UFA and other personal data are then supplied to the server S from the terminal T by the user UFA, and then recorded in the personal data folder of the safe CF1A.
In the present case, these personal details and personal data “Pers” supplied by the user are encrypted and signed by the terminal T using the respective encryption and signature keys stored in the smart card RC1A, and associated with the encryption certificate CCHHA and signature certificate CSIGA. They are next transmitted to the server S, and then stored in this form in the personal data folder of the safe CF1A.
Subsequently, the user UFA is offered a second electronic safe CF2A by another company (his bank or insurance company) or administration Ent2, which therefore reserves an electronic safe CF2A in the name UFA of the user and issues the user UFA with a security module, in the present case for example a smart card RC2A.
Steps of the phase of activation of the electronic safe CF2A are depicted in FIG. 2.
In order to activate the safe CF2A, the user UFA connects by means of the terminal T to the server S via the network R. There then follows a phase of dialogue via the network R between the server S and the user by means of the terminal T.
The user UFA indicates his wish to activate an electronic safe, and then enters his name. When he is asked to indicate whether he already possesses an electronic safe, the user UFA this time replies yes.
In a step 2a of the dialogue between the user and the server S, the server S then requests that the user UFA insert the smart card associated with the electronic safe he already holds, with a view to carrying out a step of authentication of the user with the server S on the basis of an item associated with that safe.
This authentication is of the strong authentication type: it makes it possible to verify the identity of the user on the basis of at least two factors from amongst what he knows (password, PIN code), what he possesses (smart card, USB medium), and what he is (biometric parameter such as a fingerprint, hand, face, etc.).
In the present case, the user UFA inserts the smart card RC1A into the smart card reader L.
The server S chooses an unknown (comprising a random number and possible related information), encrypts the unknown using the public key associated with the authentication certificate CAUT1A of the user UFA and transmits it to the terminal T, requesting that the random number, increased by 1, is returned to it signed by the smart card—for example by means of an applet housed in the smart card—using the signature used for storing data in the electronic safe CF1A.
The random number received by the terminal T is then decrypted by means of the private key of the authentication certificate CAUT1A, then increased by 1 and signed by means of the private signature key associated with the signature certificate CSIGA. These private keys are both stored in the smart card RC1A. The terminal T transmits the random number thus decrypted, then signed, to the server S.
Using this random number increased by 1 and signed and according to the list in the database B providing the correspondences between the electronic safes, the authentication certificates and associated keys, and the names of the users, the server S carries out authentication of the user UFA and also identifies the safe CF1A corresponding to the signature supplied. In the event of successful authentication, the method continues to step 2b.
In a variant, instead of using the method of encryption of an unknown by the public authentication key, it is possible to carry out authentication of the user by means of a shared session key, for example of SSL/TLS type, and ensure that only the user UFA can decrypt the unknown and reply thereto according to the procedure defined.
Irrespective of the variant chosen, the aim of the authentication step is to make sure that only the user UFA owning the first safe is in a position to reply in a suitable manner. In the event of successful authentication, the following step 2b is carried out. In the contrary case, establishment of a link between the two safes does not take place and they remain compartmentalised. In particular, no access means allowing the user to access via the second safe CF2A at least some of the content of the first safe CF1A is activated or implemented.
At the step 2b, the server S implements access means designed to allow the user to access via the second safe CF2A at least some of the content of the first safe CF1A. Different implementation variants are possible.
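The challenge-response of step 2a, written out as an added example that is not part of the patent: server S encrypts a random number under the public authentication key of CAUT1A, the card decrypts it with the private key, adds 1 and signs the result with the CSIGA private signature key, and the server checks the reply against its correspondence list before identifying safe CF1A. The choice of RSA-OAEP and RSA-PSS, the 8-byte nonce encoding, the OAEP label, and the `Card`, `Server` and `SafeRecord` types are assumptions of this example, not details given by the page.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Card models smart card RC1A: the private halves of the authentication key
// pair (certificate CAUT1A) and of the signature key pair (certificate CSIGA).
// Constructed model of the card-side applet, not the patent's code.
type Card struct {
	AuthPriv *rsa.PrivateKey
	SigPriv  *rsa.PrivateKey
}

// SafeRecord is one row of the correspondence list in database B: a safe,
// the name of its user, and the public keys of its certificates.
type SafeRecord struct {
	SafeID  string
	User    string
	AuthPub *rsa.PublicKey
	SigPub  *rsa.PublicKey
}

// Server models server S with its list of safes.
type Server struct {
	Records []SafeRecord
}

var oaepLabel = []byte("safe-link-auth") // constructed context label

func encodeNonce(n uint64) []byte {
	buf := make([]byte, 8)
	binary.BigEndian.PutUint64(buf, n)
	return buf
}

// safeOf returns the safe already registered for user, or nil.
func (s *Server) safeOf(user string) *SafeRecord {
	for i := range s.Records {
		if s.Records[i].User == user {
			return &s.Records[i]
		}
	}
	return nil
}

// NewChallenge draws a fresh random number and encrypts it under the public
// authentication key of the user's existing safe. The ciphertext goes to
// terminal T; the plaintext nonce is kept in the server's session only.
func (s *Server) NewChallenge(user string) (ct []byte, nonce uint64, err error) {
	rec := s.safeOf(user)
	if rec == nil {
		return nil, 0, errors.New("user holds no safe to authenticate against")
	}
	var raw [8]byte
	if _, err = rand.Read(raw[:]); err != nil {
		return nil, 0, err
	}
	nonce = binary.BigEndian.Uint64(raw[:])
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, rec.AuthPub, encodeNonce(nonce), oaepLabel)
	return ct, nonce, err
}

// Answer is the card side: decrypt with the private authentication key, add 1,
// and sign the result with the signature key used for data stored in the safe.
func (c *Card) Answer(ct []byte) (uint64, []byte, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, c.AuthPriv, ct, oaepLabel)
	if err != nil || len(pt) != 8 {
		return 0, nil, errors.New("challenge was not encrypted for this card")
	}
	value := binary.BigEndian.Uint64(pt) + 1 // wraps identically on both sides
	digest := sha256.Sum256(encodeNonce(value))
	sig, err := rsa.SignPSS(rand.Reader, c.SigPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return 0, nil, err
	}
	return value, sig, nil
}

// Verify closes step 2a: the reply must equal nonce+1 and its signature must
// check under the signature certificate registered for the user's safe. The
// matching record (safe CF1A) is returned; on any failure no link is made.
func (s *Server) Verify(user string, nonce, value uint64, sig []byte) (*SafeRecord, error) {
	rec := s.safeOf(user)
	if rec == nil || value != nonce+1 {
		return nil, errors.New("reply is not nonce+1 for a registered safe")
	}
	digest := sha256.Sum256(encodeNonce(value))
	if err := rsa.VerifyPSS(rec.SigPub, crypto.SHA256, digest[:], sig, nil); err != nil {
		return nil, errors.New("signature does not match the safe's signature certificate")
	}
	return rec, nil
}
```

A card that lacks the CAUT1A private key cannot even decrypt the challenge, and a card that decrypts it but signs with a key unknown to database B is rejected at `Verify`, so in both cases the safes stay compartmentalised.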
According to a first variant embodiment, the server S copies the content “Pers” from the personal data folder of the electronic safe CF1A into the personal data folder of the electronic safe CF2A. Depending on the embodiment of the invention, all or some of these personal data are copied.
According to a second variant embodiment, a computer processing module of the server S establishes a logical connection between the two safes CF1A and CF2A which then share, wholly or partially, the content “Pers” of the personal data folder. Several processing procedures are conceivable for establishing this logical connection. This second variant avoids any unnecessary duplication of data.
Any other variant is also conceivable, for example through the use of electronic document management tools making it possible to select, from amongst the documents stored in a database, those that are visible and accessible by a user.
The activation phase then continues with a message from the server S addressed to the user UFA requesting insertion of the smart card of the safe to be activated into the smart card reader. The user UFA therefore replaces the smart card RC1A with the smart card RC2A in the smart card reader L.
An authentication certificate CAUT2A and an associated pair of keys (a public key and a private key), the signature certificate CSIGA and the associated pair of keys, and the encryption certificate CCHHA and the associated pair of keys are next transmitted by the server S, and then loaded into the smart card RC2A.
The user UFA can then carry out storage of electronic data in the electronic safe CF2A.
Upon subsequent requests for access to the safe CFiA (i=1 or 2), the user UFA will connect to the server S, and will then insert his smart card RCiA into the smart card reader L. Once the server S has actually authenticated the user UFA after a phase of authentication on the basis of the authentication certificate CAUTiA, the user UFA can carry out storage of new electronic data, and/or consultation, modification or deletion of data already stored.
In the embodiment described here, the server S carries out strong authentication of the user using his signature. In one embodiment, authentication is carried out using the authentication key associated with the authentication certificate CAUT1A.
In the described embodiment of step 2a, strong authentication is carried out in particular using a hardware medium (here a smart card) held by the user. In another embodiment, it is carried out using a biometric item (for example a fingerprint) of the user used for accessing the safe CF1A already opened or for signing the data to be stored in this safe, said user presenting a given finger to a reader connected to the terminal for comparison of the print thus captured with a print recorded in a database associated with the server with a view to authenticating the user.
In the embodiment described, compartmentalisation between the safes CF1A and CF2A is guaranteed through the use of distinct authentication certificates, each serving to unlock the access to one of these safes.
In the embodiment described, the signature and encryption certificates and keys associated with the two safes CF1A and CF2A are identical. The signed and/or encrypted data contained in these safes are thus directly usable by both smart cards of the user.
In another embodiment, the signature and encryption certificates and keys associated with the two safes CF1A and CF2A are chosen to be different by the server, which has the effect in particular of increasing the compartmentalisation between the two safes. In yet another embodiment, in at least one of the smart cards, there is no storage of signature and/or encryption keys, that is to say the data stored in the electronic safe associated with this smart card are not encrypted and/or not signed.
In one embodiment, a hardware security module such as a smart card or a USB medium provided with a crypto-processor is replaced by a software security module such as a USB key or software files.
In one embodiment of the invention, establishment of a link between two electronic safes is performed a posteriori, that is to say even though the two safes have already been created independently.
In this case, in one embodiment, the user is asked to insert successively, with a view to establishment of a link between two safes, the two smart cards associated with these two respective safes, and he is strongly authenticated using these two media, for example using his authentication certificates CAUT1A, CAUT2A and/or signature certificates CSIG1A, CSIG2A. A link can then be established between the two safes, using logical connections between these two safes in the storage database B, according to two embodiments.
In the first embodiment, all the encryption and/or signature certificates and the associated pairs of keys are shared between the smart cards RC1A and RC2A by performing an update of the content of the smart cards. Only the authentication certificates remain specific to each smart card, namely the certificate CAUT1A for the smart card RC1A and the certificate CAUT2A for the smart card RC2A. In this case, all the personal information is accessible and modifiable irrespective of the authentication medium used. The use of encryption and/or signature certificates during exchanges of data between the user and the server S is then supervised by the server S according to the information storage areas.
In the second embodiment, no modification of the content of the smart cards is carried out and the certificates and pairs of keys installed on one of the smart cards are completely distinct from the certificates and pairs of keys installed on the other smart card. The data in the safe CF1A are accessible for reading/writing when the user uses his smart card RC1A and accessible for only reading when the user uses his smart card RC2A. Conversely, the data in the safe CF2A are accessible for reading/writing when the user uses his smart card RC2A and accessible for only reading when the user uses his smart card RC1A.
The following limitation should be noted: the data encrypted by virtue of an encryption certificate and pair of keys of one smart card cannot be decrypted/read when the user accesses his safe using the other smart card. “Trans-encryption” solutions can then be proposed according to implementations already known.
All or some of the steps implemented by the terminal are performed in one embodiment following the execution of computer program instructions on calculation means of the terminal.
Similarly, all or some of the steps implemented by the server are performed in one embodiment following the execution of computer program instructions on calculation means of the server.
The present invention thus makes it possible to make a connection between different safes belonging to the same user, whilst safeguarding the high level of security required. It consists of allowing access to the same set of data via any one of the connected safes.
This connection is performed on the condition of authentication of the user owning the safes to be connected. This authentication is performed by means of authentication data, these data being for example data giving access to a safe already held by the user, or data giving access to the content of this safe (decryption), or any other authentication data making it possible to authenticate this user as the user owning the safes to be connected.
These authentication data are obtained for example by means of a cryptographic resource: the smart card RC1A or, in other embodiments, a USB medium provided with a crypto-processor to be inserted in a port, or else a biometric print to be validated.
This establishment of a link makes it possible in particular to supply a new safe with the personal data recorded in the safe protected by the cryptographic resource inserted. These personal data are thus mutualised and do not require a new entry on the part of the user.

Claims (12)

What is claimed is:
1. A method of managing electronic safes implemented by a server on behalf of at least one user possessing at least a first electronic safe, said method comprising:
a step of implementing access means designed to provide said user with access, via a second safe belonging to said user, to a set of data forming part of a content accessible via the first electronic safe, said access requiring an authentication of said user as a user to whom said second safe belongs,
wherein said step of implementing access means is intended to be carried out in the event of authentication of said user as the user owning the first electronic safe,
wherein the first safe and second safe comprise storage space, and
wherein the first safe and second safe only contain encrypted data and said user is able to decrypt said data by a decryption process.
2. The method of claim 1, wherein said step of implementing access means is carried out following receipt by the server of a request for creation for said user of the second electronic safe.
3. The method of claim 1, further comprising:
a step of authenticating said user by means of user authentication data used for authenticating said user in the event of a request for access to the first safe.
4. The method of claim 3, wherein the authentication step comprises implementation of strong authentication.
5. The method of claim 3, wherein, during the authentication step, the server receives authentication data that are a function of at least one key stored in a hardware cryptographic resource allocated to the user, and/or biometric data of the user.
6. The method of claim 1, further comprising:
a step of allocating to each electronic safe at least one respective security function from amongst an encryption function and/or a decryption function and/or a signature function, at least one security function allocated to the second safe being chosen equal to a security function allocated to the first safe.
7. The method of claim 1, wherein access to an electronic safe is a function of authentication items of the user, allocated to the user by the server and according to which the authentication items for access to the second electronic safe are chosen different from those for access to the first electronic safe.
8. A non-transitory computer program product comprising a computer readable medium, having stored thereon a computer program comprising instructions for implementing, during execution of said program on a computer, by a server on behalf of at least one user possessing at least a first electronic safe, access means designed to provide said user with access, via a second safe belonging to said user, to a set of data forming part of a content accessible via the first electronic safe, said access requiring an authentication of said user as a user to whom said second safe belongs, wherein said step of implementing access means is intended to be carried out in the event of authentication of said user as the user owning the first electronic safe, wherein the first safe and second safe comprise storage space, and wherein the first safe and second safe only contain encrypted data and said user is able to decrypt said data by a decryption process.
9. A server for managing electronic safes on behalf of at least one user possessing at least a first electronic safe, the server comprising:
access means designed to provide said user with access, via a second safe belonging to said user, to a set of data forming part of a content accessible via the first electronic safe, said access requiring an authentication of said user as a user to whom said second safe belongs,
wherein said access means is intended to be activated in the event of authentication of said user as the user owning the first electronic safe,
wherein the first safe and second safe comprise storage space, and
wherein the first safe and second safe only contain encrypted data and said user is able to decrypt said data by a decryption process.
10. The server of claim 9, further comprising:
means for carrying out strong authentication on receipt of identification data.
11. The server of claim 9, further comprising:
means for allocating to each electronic safe at least one security function associated with at least one respective key from amongst an encryption function and/or a decryption function and/or a signature function,
said means being adapted to also allocate to the new electronic safe the security function and the associated key assigned to the first electronic safe.
12. The server of claim 9, wherein access to an electronic safe is a function of authentication items of the user allocated to the user by the server, said server being adapted to allocate to the user authentication items for access to the new electronic safe different from those allocated to the user for access to the first electronic safe.
US12/332,152 2007-12-10 2008-12-10 Method and server of electronic safes with information sharing Expired - Fee Related US9516012B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0759696 2007-12-10

Publications (2)

Publication Number Publication Date
US20090206988A1 US20090206988A1 (en) 2009-08-20
US9516012B2 true US9516012B2 (en) 2016-12-06

Family

ID=39590170

Family Applications (1)

Application Number Title Priority Date Filing Date
US12/332,152 Expired - Fee Related US9516012B2 (en) 2007-12-10 2008-12-10 Method and server of electronic safes with information sharing

Country Status (3)

Country Link
US (1) US9516012B2 (en)
EP (1) EP2071798B1 (en)
CA (1) CA2647248C (en)


Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130239184A1 (en) * 2012-03-09 2013-09-12 Burroughs, Inc. Method and System for Controlling a Safe from a Remote Computing Device
US10097534B2 (en) * 2015-08-28 2018-10-09 Dell Products L.P. System and method to redirect hardware secure USB storage devices in high latency VDI environments

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6006333A (en) * 1996-03-13 1999-12-21 Sun Microsystems, Inc. Password helper using a client-side master password which automatically presents the appropriate server-side password to a particular remote server
US20010011250A1 (en) * 1997-11-12 2001-08-02 Cris T. Paltenghe Distributed network based electronic wallet
WO2002103496A2 (en) 2001-06-18 2002-12-27 Daon Holdings Limited An electronic data vault providing biometrically protected electronic signatures
WO2003009111A2 (en) 2001-07-18 2003-01-30 Daon Holdings Limited A distributed network system using biometric authentication access
US6529976B1 (en) * 1997-04-01 2003-03-04 Hitachi, Ltd. Heterogeneous computer system, heterogeneous input output system and data back-up method for the systems
US20050203885A1 (en) 2004-03-12 2005-09-15 U.S. Bank Corporation System and method for storing, creating, and organizing financial information electronically
US7010693B1 (en) * 1998-12-02 2006-03-07 Supportsoft, Inc. Software vault
US20060089126A1 (en) * 2004-10-22 2006-04-27 Frank Edward H Key revocation in a mobile device
US20060112150A1 (en) * 2001-03-16 2006-05-25 Brown David K Server for synchronization of files
US7111137B2 (en) * 2003-12-29 2006-09-19 Sun Microsystems, Inc. Data storage systems and processes, such as one-way data mirror using write mirroring
US20070250920A1 (en) * 2006-04-24 2007-10-25 Jeffrey Dean Lindsay Security Systems for Protecting an Asset
US20070255963A1 (en) * 2006-04-28 2007-11-01 Erix Pizano System and method for biometrically secured, transparent encryption and decryption
US20080059208A1 (en) * 2006-09-01 2008-03-06 Mark Rockfeller System and Method for Evaluation, Management, and Measurement of Sponsorship
US20080294899A1 (en) * 2006-01-17 2008-11-27 Boardvantage, Inc. Secure management of document in a client-server environment
US7502954B1 (en) * 2004-05-26 2009-03-10 Emc Corporation High availability data storage system
US7953948B1 (en) * 2005-06-17 2011-05-31 Acronis Inc. System and method for data protection on a storage medium
US20110213940A1 (en) * 2007-10-09 2011-09-01 Cleversafe, Inc. Virtualized data storage vaults on a dispersed data storage network

Cited By (93)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11244367B2 (en) 2016-04-01 2022-02-08 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US11651402B2 (en) 2016-04-01 2023-05-16 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of risk assessments
US11461500B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US11392720B2 (en) 2016-06-10 2022-07-19 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11256777B2 (en) 2016-06-10 2022-02-22 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11277448B2 (en) 2016-06-10 2022-03-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11294939B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11295316B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11301796B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11301589B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Consent receipt management systems and related methods
US11308435B2 (en) 2016-06-10 2022-04-19 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11328092B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11328240B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US11336697B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11334682B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data subject access request processing systems and related methods
US11334681B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Application privacy scanning systems and related methods
US11343284B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11341447B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Privacy management systems and methods
US11347889B2 (en) 2016-06-10 2022-05-31 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11354435B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11354434B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11361057B2 (en) 2016-06-10 2022-06-14 OneTrust, LLC Consent receipt management systems and related methods
US11366909B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11366786B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing systems for processing data subject access requests
US11461722B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Questionnaire response automation for compliance management
US11403377B2 (en) 2016-06-10 2022-08-02 OneTrust, LLC Privacy management systems and methods
US11410106B2 (en) 2016-06-10 2022-08-09 OneTrust, LLC Privacy management systems and methods
US11921894B2 (en) 2016-06-10 2024-03-05 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
US11868507B2 (en) 2016-06-10 2024-01-09 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US11409908B2 (en) 2016-06-10 2022-08-09 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US11416798B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11416590B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11416576B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing consent capture systems and related methods
US11416634B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Consent receipt management systems and related methods
US11418516B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Consent conversion optimization systems and related methods
US11416589B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11416109B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US11416636B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing consent management systems and related methods
US11418492B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US11847182B2 (en) 2016-06-10 2023-12-19 OneTrust, LLC Data processing consent capture systems and related methods
US11727141B2 (en) 2016-06-10 2023-08-15 OneTrust, LLC Data processing systems and methods for synching privacy-related user consent across multiple computing devices
US11438386B2 (en) 2016-06-10 2022-09-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11675929B2 (en) 2016-06-10 2023-06-13 OneTrust, LLC Data processing consent sharing systems and related methods
US11240273B2 (en) 2016-06-10 2022-02-01 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US11651106B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11449633B2 (en) 2016-06-10 2022-09-20 OneTrust, LLC Data processing systems and methods for automatic discovery and assessment of mobile software development kits
US11651104B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Consent receipt management systems and related methods
US11468196B2 (en) 2016-06-10 2022-10-11 OneTrust, LLC Data processing systems for validating authorization for personal data collection, storage, and processing
US11244071B2 (en) 2016-06-10 2022-02-08 OneTrust, LLC Data processing systems for use in automatically generating, populating, and submitting data subject access requests
US11468386B2 (en) 2016-06-10 2022-10-11 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US11645353B2 (en) 2016-06-10 2023-05-09 OneTrust, LLC Data processing consent capture systems and related methods
US11475136B2 (en) 2016-06-10 2022-10-18 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US11481710B2 (en) 2016-06-10 2022-10-25 OneTrust, LLC Privacy management systems and methods
US11488085B2 (en) 2016-06-10 2022-11-01 OneTrust, LLC Questionnaire response automation for compliance management
US11645418B2 (en) 2016-06-10 2023-05-09 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11520928B2 (en) 2016-06-10 2022-12-06 OneTrust, LLC Data processing systems for generating personal data receipts and related methods
US11636171B2 (en) 2016-06-10 2023-04-25 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11625502B2 (en) 2016-06-10 2023-04-11 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11544667B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11544405B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11609939B2 (en) 2016-06-10 2023-03-21 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11586762B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for auditing data request compliance
US11551174B2 (en) 2016-06-10 2023-01-10 OneTrust, LLC Privacy management systems and methods
US11550897B2 (en) 2016-06-10 2023-01-10 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11558429B2 (en) 2016-06-10 2023-01-17 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US11556672B2 (en) 2016-06-10 2023-01-17 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11244072B2 (en) 2016-06-10 2022-02-08 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11562097B2 (en) 2016-06-10 2023-01-24 OneTrust, LLC Data processing systems for central consent repository and related methods
US11586700B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for automatically blocking the use of tracking tools
US11663359B2 (en) 2017-06-16 2023-05-30 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
US11373007B2 (en) 2017-06-16 2022-06-28 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
US20190043119A1 (en) * 2017-08-02 2019-02-07 Boe Technology Group Co., Ltd. Shared item management system and method, shared item and shared server
US10706460B2 (en) * 2017-08-02 2020-07-07 Boe Technology Group Co., Ltd. Shared item management system and method, shared item and shared server
US11544409B2 (en) 2018-09-07 2023-01-03 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US11593523B2 (en) 2018-09-07 2023-02-28 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US11797528B2 (en) 2020-07-08 2023-10-24 OneTrust, LLC Systems and methods for targeted data discovery
US11444976B2 (en) 2020-07-28 2022-09-13 OneTrust, LLC Systems and methods for automatically blocking the use of tracking tools
US11475165B2 (en) 2020-08-06 2022-10-18 OneTrust, LLC Data processing systems and methods for automatically redacting unstructured data from a data subject access request
US11436373B2 (en) 2020-09-15 2022-09-06 OneTrust, LLC Data processing systems and methods for detecting tools for the automatic blocking of consent requests
US11704440B2 (en) 2020-09-15 2023-07-18 OneTrust, LLC Data processing systems and methods for preventing execution of an action documenting a consent rejection
US11526624B2 (en) 2020-09-21 2022-12-13 OneTrust, LLC Data processing systems and methods for automatically detecting target data transfers and target data processing
US11615192B2 (en) 2020-11-06 2023-03-28 OneTrust, LLC Systems and methods for identifying data processing activities based on data discovery results
US11397819B2 (en) 2020-11-06 2022-07-26 OneTrust, LLC Systems and methods for identifying data processing activities based on data discovery results
US11687528B2 (en) 2021-01-25 2023-06-27 OneTrust, LLC Systems and methods for discovery, classification, and indexing of data in a native computing system
US11442906B2 (en) 2021-02-04 2022-09-13 OneTrust, LLC Managing custom attributes for domain objects defined within microservices
US11494515B2 (en) 2021-02-08 2022-11-08 OneTrust, LLC Data processing systems and methods for anonymizing data samples in classification analysis
US11601464B2 (en) 2021-02-10 2023-03-07 OneTrust, LLC Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system
US11775348B2 (en) 2021-02-17 2023-10-03 OneTrust, LLC Managing custom workflows for domain objects defined within microservices
US11546661B2 (en) 2021-02-18 2023-01-03 OneTrust, LLC Selective redaction of media content
US11533315B2 (en) 2021-03-08 2022-12-20 OneTrust, LLC Data transfer discovery and analysis systems and related methods
US11562078B2 (en) 2021-04-16 2023-01-24 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US11816224B2 (en) 2021-04-16 2023-11-14 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US11620142B1 (en) 2022-06-03 2023-04-04 OneTrust, LLC Generating and customizing user interfaces for demonstrating functions of interactive user environments

Also Published As

Publication number Publication date
US20090206988A1 (en) 2009-08-20
EP2071798B1 (en) 2019-08-21
CA2647248C (en) 2017-07-11
CA2647248A1 (en) 2009-06-10
EP2071798A1 (en) 2009-06-17

Similar Documents

Publication Publication Date Title
US9516012B2 (en) Method and server of electronic safes with information sharing
US10829088B2 (en) Identity management for implementing vehicle access and operation management
US11055802B2 (en) Methods and apparatus for implementing identity and asset sharing management
US10142324B2 (en) Method for reading attributes from an ID token
US11151260B2 (en) Providing and checking the validity of a virtual document
US9596089B2 (en) Method for generating a certificate
CN106537403B (en) System for accessing data from multiple devices
US20210218720A1 (en) Systems and methods for secure custodial service
US20110296512A1 (en) Method for reading attributes from an id token
JP2007522540A (en) User authentication methods and related architectures based on the use of biometric identification technology
CN109903043B (en) Block chain-based secure transaction method, device, equipment and storage medium
WO2021041015A1 (en) Cryptoasset custodial system with custom logic
AU2020100734A4 (en) Systems and methods for secure digital file sharing and authenticating
JPH1188321A (en) Digital signature generation server
US20070204167A1 (en) Method for serving a plurality of applications by a security token
EP3762843B1 (en) A one-click login procedure
Otterbein et al. The German eID as an authentication token on android devices
US8621231B2 (en) Method and server for accessing an electronic safe via a plurality of entities
Reece et al. Self-Sovereign Identity in a World of Authentication: Architecture and Domain Usecases
WO2022251894A1 (en) Systems and methods for secure digital file sharing and authenticating
WO2024059884A1 (en) Verification and identification process records using digital signatures
TR202007121U5 (en) THE METHOD OF PROVIDING ELECTRONIC SIGNATURE AND TIME STAMP SERVICE WITH THE HASHGRAPH SYSTEM

Legal Events

Date Code Title Description
AS Assignment

Owner name: ALMERYS, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHOCHOIS, MICHAEL;JADEAU, GUILLAUME;REEL/FRAME:022611/0540

Effective date: 20090312

AS Assignment

Owner name: ALMERYS, FRANCE

Free format text: CHANGE OF ASSIGNEE ADDRESS; FROM: 49, RUE GEORGES BESSE; TO: 46, RUE DU RESSORT, ASSIGNMENT RECORDED APRIL 24, 2009 AT REEL/FRAME: 022611/0540;ASSIGNOR:ALMERYS;REEL/FRAME:030150/0605

Effective date: 20130325

STCF Information on status: patent grant

Free format text: PATENTED CASE

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20201206